You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
angle heap overflow
About this tag
The ANGLE heap overflow tag covers critical and high-severity memory corruption vulnerabilities in the ANGLE graphics translation layer used by Chromium-based browsers. Recent threads discuss CVEs such as CVE-2026-6296, CVE-2026-5275, and CVE-2026-4448, all involving heap buffer overflows that can be triggered by crafted HTML pages. These flaws pose risks including sandbox escape and remote code execution, with patches released in Chrome versions 146 and 147. Microsoft's Security Update Guide tracks these CVEs, highlighting their relevance for enterprise browser security. The tag focuses on the technical nature of ANGLE heap overflows, their exploitation via web content, and the urgency of applying browser updates.
Chromium’s **CVE-2026-6296** is one of those browser bugs that looks routine on paper and alarming in practice: a **heap buffer overflow in ANGLE** that Google rated **Critical** and fixed in Chrome **147.0.7727.101** on April 15, 2026. The public description says a crafted HTML page could let a...
Google’s CVE-2026-5275 is the kind of browser flaw that instantly jumps to the top of any patching queue: a heap buffer overflow in ANGLE that can be triggered by a crafted HTML page and, on affected Mac builds, could permit remote code execution before Chrome 146.0.7680.178. Microsoft’s...
Google’s Chrome security team has patched a serious heap buffer overflow in ANGLE, tracked as CVE-2026-4448, in Chrome 146.0.7680.153 and later. The flaw could let a remote attacker trigger heap corruption through a crafted HTML page, which makes it especially important because the attack...